7.8

CVE-2024-49984

EPSS 0.04%
Published 21.10.2024 18:15:18
Last modified 27.12.2024 13:15:20
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

drm/v3d: Prevent out of bounds access in performance query extensions

Check that the number of perfmons userspace is passing in the copy and
reset extensions is not greater than the internal kernel storage where
the ids will be copied into.

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.8 < 6.10.4

Linux ≫ Linux Kernel Version >= 6.10.5 < 6.10.14

Linux ≫ Linux Kernel Version >= 6.11 < 6.11.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.113

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/3e50d72abe50204c7b19784a66e86da29dde32c2

Patch

https://git.kernel.org/stable/c/d9536f16be3970c170571efa707c13cd089c774e

Patch

https://git.kernel.org/stable/c/f32b5128d2c440368b5bf3a7a356823e235caabb

Patch

https://nvd.nist.gov/vuln/detail/CVE-2024-49984

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-49984

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-49984

EUVD